Cpanel SPF Generator - Input Validation?

Staff Member

Does the cpanel SPF generator preform any kind of input validation? I am seeing instances where infinite recursion loops are being preformed in a spf record:

i.e.

domain1.com. 14400 IN TXT "v=spf1 a mx include:domain2.com ~all"

and

domain2.com. 14400 IN TXT "v=spf1 a mx include:domain1.com ~all"

This causes you to hit the 10 check_host() limit as described in RFC 4408 (Section 10.1.) which means you allow customers to create records which will get their mail flagged as spam for failing to have working SPF records.

If you want to make this happen, just put multiple domains in the include list from the same cpanel account and select: Overwrite Existing Entries.